1. Field of the Invention
The present invention is directed toward the field of controlling access to electronic documents, and more particularly toward the field of securing information through partial encryption of tokenized documents.
2. Art Background
Information contained in documents is a valuable commodity in society. The ability to control distribution of documents is partially dependent upon the ownership of intellectual property rights in the documents. One way of generating revenue from the ownership of documents is through the sale or license of the documents. In an outright sale, a user may purchase from an information provider all rights associated with information contained in the document. As an owner of the rights in the document, the user is permitted to copy, distribute, or re-use the information in any form. However, the outright sale of rights in the document may demand a high price. Furthermore, the information provider may not desire to sell all rights in the document. Thus, a purchaser of documents may only want to buy limited rights in documents (i.e., obtain a license for limited rights in the document). One licensing scheme may set a license fee for the document dependent upon the rights conferred to the licensee (i.e., the purchaser of limited rights in the document). For example, a user may purchase from an information provider the right to use a single copy of the document. Having only the right to posses a single copy of the document, the user does not have a right to copy the document or re-use portions of the document. Accordingly, it is desirable for an information provider to control the use of a document by a user based on the rights conferred to the user.
Currently, information and documents are most easily distributed in an electronic form. Electronic documents provide fast, economic and efficient distribution of information not known through conventional techniques of distributing paper or hard copies. However, the distribution of electronic copies of documents significantly increases the issues of access control. Once the user has an electronic document in the clear, the user can easily copy the document, distribute the document, and re-use all or portions of the document to create an additional document. To prevent unauthorized use of an electronic document, information providers may encrypt the electronic version of the document. Encryption, although effective, may require substantial processing resources, and thus encumber the effective use of the electronic document. Accordingly, it is desirable to develop techniques that provide an adequate level of security while minimizing the processing required to recover the document.
A technique that partially encrypts tokenized documents generates secure documents while minimizing the processing required to reconstruct the document. An electronic document image is generated from the document. A plurality of tokens are stored as a dictionary, wherein the tokens represent shapes contained in the document. A plurality of triples comprising a token identification (ID) and a corresponding position are generated from the document image, such that the token ID identifies a token from the dictionary that corresponds to a shape in the document image at the corresponding position. To secure the contents of the document, the token IDs are encrypted. The secured document comprises encoded positions (x, y), encrypted token IDs and a dictionary of tokens.
In one embodiment, to reduce the size of the secured document, the positions in the sequence of triples are encoded. For this embodiment, the positions are differentially encoded, so as to only store information that identifies a position relative to a proceeding position. In another embodiment, each triple in the sequence is augmented with a color designation to include color in the secured document. If desired, contone color is included in the output representation by augmenting each triple in the sequence with JPEG compressed images.
Document reconstruction in the partial encryption of tokenized document technique includes receiving the dictionary of tokens, encrypted token identification (IDs) and their corresponding positions in the document. The encrypted token IDs are decrypted to generate token IDs. The original document image is then reconstructed from the token IDs and positions by generating a shape corresponding to a shape in the dictionary identified by a token ID at a location identified by a. corresponding position. In one embodiment, a trusted image output terminal includes a single integrated circuit that performs the decrypting function and the page rendering function to significantly reduce the ability to capture signals of the electronic document in the clear.